A naukri.com initiative
Amazon
3d
343
Image Credit: Amazon
Automate replication of row-level security from AWS Lake Formation to Amazon QuickSight
- Amazon QuickSight is a cloud-powered, serverless business intelligence service that allows for interactive dashboards accessible from various devices and embeddable into apps, portals, and websites.
- Row-level security (RLS) in Amazon QuickSight ensures that users see data based on permissions. Trusted identity propagation allows passing a reader's identity to the data source for RLS.
- The solution automates replication of entitlements from AWS Lake Formation to Amazon QuickSight, supporting both direct query and SPICE datasets.
- The process involves using AWS Lambda to extract and transform data filters, storing them in Amazon S3, and creating rules datasets in QuickSight.
- Prerequisites include enabling AWS Lake Formation and Amazon QuickSight services in the same account, along with necessary IAM permissions.
- Creating groups in QuickSight and tables in Lake Formation, setting up row-level security in Lake Formation, and granting permissions are crucial steps.
- A Lambda function extracts data filter rules and permissions from Lake Formation, transforms them for QuickSight, and stores them in S3.
- The transformed data is then used to create rules datasets in Amazon QuickSight for implementing row-level security.
- Testing row-level security involves creating and publishing dashboards for different user groups to demonstrate restricted data access.
- Finally, the cleanup involves deleting resources created during the process to ensure proper resource management.
Read Full Article
20 Likes
For uninterrupted reading, download the app